Direct CCA-Secure KEM and Deterministic PKE from Plain LWE

  • Xavier Boyen
  • Qinyi Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11505)

Abstract

We present a particularly simple and efficient CCA-secure public-key encapsulation scheme without random oracles or costly sampling. The construction is direct in the sense that it eschews the generic transformations via one-time signatures or MACs typically found in standard-model constructions. This gives us a compact, conceptually simpler, and computationally efficient scheme that, in particular, does not require any Gaussian sampling. Nevertheless, security is based on the hardness of the plain learning-with-errors (LWE) problem with polynomial modulus-to-noise ratio.

Of further interest, we also show how to obtain CCA-secure deterministic public-key encryption (for high-entropy messages) that is more compact and efficient than existing constructions.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. QUT, Brisbane, Australia
  2. Griffith University, Brisbane, Australia